漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Connect CMS: Information Disclosure Due to Improper Authorization through the Page Content Retrieval Feature
Vulnerability Description
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the page content retrieval feature may allow retrieval of non-public information. Versions 1.41.1 and 2.41.1 contain a patch.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
OpenSource-WorkShop Connect-CMS 访问控制错误漏洞
Vulnerability Description
OpenSource-WorkShop Connect-CMS是日本OpenSource-WorkShop公司的一个用于轻松创建网站的内容管理系统。 Connect-CMS 1.41.0及之前版本和2.41.0及之前版本存在访问控制错误漏洞,该漏洞源于页面内容检索功能存在授权不当问题,可能导致检索非公开信息。
CVSS Information
N/A
Vulnerability Type
N/A